Using "ultimate" Owner Trust

David Scribner
Thu Aug 15 10:58:01 2002

--- Lionel Elie Mamane <> wrote:
> On Wed, Aug 14, 2002 at 07:54:54PM -0700, David Scribner
> wrote:
> > When (and why) would someone assign an owner trust level of
> > "ultimate" to someone else's key?
> It is your key, but you don't have the corresponding secret
> key on
> *this* computer, because it is a "high-security" key you keep
> only on
> a secure network? That would be a good reason to have ultimate
> trust
> in a key you don't have the secret key of in your keyring.
> -- 
> Lionel

Yes, the scenario you offered I clearly understand, and was
aware of. However, with regards to that particular question I
was wondering:

When (and why) would someone assign an owner trust level of
"ultimate" to someone _else's_ key? (aside from a server script
scenario for example)

Let's say I've imported my good friend Alice's public key into
my keyring. I've signed her key which gives it fully validated,
or calculated trust on my keyring.

I decide to also set an owner trust level to that key. In
v1.0.6, since I wouldn't have Alice's secret key available I
could only go as far as giving her full owner trust, as ultimate
owner trust was reserved for keys that had a corresponding
secret key available. 

Now, in v1.0.7, I can clearly assign ultimate owner trust to
whatever public key I have on my keyring, regardless as to who
that key might belong to or whether a corresponding secret key
exists or not.

My thoughts are that this ability was to allow for the scenario
you just mentioned, where you were giving ultimate trust to your
OWN key for situations in which there was a security issue and
you didn't want your secret key available, and as a way to work
around the currently obsolete (but still usable for now)
'--trusted-key' option.

However, since that scenario you mentioned is the only situation
that I am aware of (other than perhaps server scripts or
something similar as mentioned), I was wondering if there was
something else I've missed, or if I'm in the dark on some other
purpose or use for this feature.

In other words, now that I can, *why* would I ever give Alice's
key an owner trust level of ultimate instead of full?

I ask as I'm going to be giving an introductory presentation on
GnuPG to our local LUG in September (not that I'm an expert on
GnuPG mind you... far from it), which will be targeted to new
GnuPG users that have never used the application before, and
will be returning home to create their own key pairs with a
(hopefully) high regard for establishing a sound web of trust.

I had started my presentation slides and article based on
v1.0.6, and my initial reasoning was that for keys in which they
trust the owner's judgment as much as their own, they could
assign full owner trust, but only *their* keys would hold
"ultimate" trust.

As such, I had initially made good points as to why "ultimate
trust" belonged to only the keyholder's key, and why it was they
could only assign that level to a public key that had a
corresponding key on their secret keyring... in other words,
their own key.

Now I'm wondering what I could tell them, or what I SHOULD tell
them, as to reasoning behind why they could now give "just any
ol' key on their keyring" that level of "ultimate trust" if
they'll be using v1.0.7. I kind of liked the restriction in
v1.0.6 (clearly defined structure), but I want to make sure
they're steered in the right direction from the very start (and
I'm able to answer their questions). ;)

So, should I continue along my original path, only with the
revision that they need to be aware that, although they *could*,
they should take care to only assign the level of ultimate trust
to their *own* key? (or what)

Thanks for your response Lionel, and the time you took out of
your day to do so!


David D. Scribner
IT Consulting & Services
CompTIA Linux+, Network+, A+ Certified
Ph: (817) 461-4018        eFax: (630) 214-7769
GnuPG/PGP: 3172 7408 58CA D9C2 F697  950F 9DDC 7AC7 91EC 5F06

Do You Yahoo!?
HotJobs - Search Thousands of New Jobs